On this Page:
Cache Disk
MayaNAS requires cache disk to be attached and configured before creating ZFS storage pool over high-latency S3 object storage. The cache disk can be configured as
Purpose | Size |
---|---|
ZIL Log device (recommended) | 1.5 times Instance RAM size |
Bcache Cache device | Size of the expected workset |
L2ARC Read Cache | Twice the instance RAM size |
Backing Disk
MayaNAS supports creating ZFS storage pool on multiple S3 object storage directly. It is recommended to create the desired number of storage buckets before Getting Started wizard.
Any other disks needed has to be created and attached to the instance before starting the configuration.
gcloud compute instances attach-disk MAYANAS_INSTANCE --zone=${CLOUDSDK_COMPUTE_ZONE} --disk=DISK_NAME --device-name DISK_NAME
Make sure the device name is same as whatever name was used for the disk if using the GCP Console
Virtual IP address
To provide virtual IP address for HA operation assign suitable secondary address range to your network subnet
For example to assign virtual IP addresses in 10.9.0.0 network range to default
network in the region us-west1
gcloud compute networks subnets update default \ --region us-west1 --add-secondary-ranges range1=10.9.0.0/24
After this virtual IP address 10.9.0.100 can be used for MayaNAS HA configuration.
Service Account
Check the service account permissions that was used to deploy MayaNAS instances. MayaNAS requires a service account with sufficient permissions to manipulate disk attachments for proper sharing and fencing, and also storage read-write access to object storage. It also needs sufficient permission to float the virtual IP across multiple instances. If the default service account lacks these permission a separate service account is needed for proper HA configuration
From Google cloud shell or from computer where gcloud CLI is available create a new service account as follows
- Find the project name associated with the deployment and set it to shell variable PROJECT
If the PROJECT appears different then switch to the project name used for MayaNAS deploymentPROJECT=$(gcloud info --format='value(config.project)')
gcloud config set project YOUR_PROJECT
- Create the service account
SA="mayanas-service"gcloud iam service-accounts create $SA --display-name "mayanas service account"
- Find the email of the newly craeted service account and set it to shell variable SA_EMAIL
SA_EMAIL=$(gcloud iam service-accounts list --filter="displayName:mayanas service account" \ --format='value(email)')
-or-
Set the variable
SA_EMAIL= ${SA}@${PROJECT}.iam.gserviceaccount.com
Add relevant permissions to the newly created service account with the role scope limited to this project only. Your other instances in different projects will not be affected by these changes.
# permission to create/modify instances in your project gcloud projects add-iam-policy-binding $PROJECT --member serviceAccount:$SA_EMAIL \ --role roles/compute.instanceAdmin # permission to create/modify network settings in your project gcloud projects add-iam-policy-binding $PROJECT --member serviceAccount:$SA_EMAIL \ --role roles/compute.networkAdmin
# permission to create/modify images & disks in your project gcloud projects add-iam-policy-binding $PROJECT --member serviceAccount:$SA_EMAIL \ --role roles/compute.storageAdmin
Update MayaNAS instances with the newly created service account. Unfortunately the instances have to be stopped to attach service account in Google Cloud.
gcloud compute instances set-service-account YOUR_INSTANCE --zone us-west1-b \
--service-account=$SA_EMAIL
Local instances with local SSDs cannot be stopped from the Google Cloud Web Console. To overcome this, ssh to instances and issue poweroff and wait for instances to STOP. After that service accounts can be changed to the instance.
Change default GUI password
Change the MayaNAS Administration GUI default password to something random by running
# /opt/mayastor/web/genrandpass.sh
Or to set your own password
# /opt/mayastor/web/changepass.sh Login name (default admin): Login password: Password again:
And then restart the web server for password changes to take effect
# /opt/mayastor/web/stop # /opt/mayastor/web/start
Connect to MayaNAS Web Console
Now you can proceed with High-Availability setup using the Getting Started wizard from Administration Web console available on http://<MayaNAS1-ip>:2020
To avoid public network exposure of port 2020 it is recommended to use ssh tunneling with port forwarding as follows
gcloud compute ssh --zone YOUR_ZONE MayaNAS1" --project YOUR_PROJECT -L 2020:localhost:2020
Then access web console as http://localhost:2020